Inferring the presence of reverse proxies through timing analysis
Bookreader Item Preview
Share or Embed This Item
- Publication date
- 2015-06-01 00:00:00
- Topics
- Active Measurement, Timing Analysis, Reverse Proxy, Machine Learning, Inference, Classification
- Publisher
- Monterey, California: Naval Postgraduate School
- Collection
- navalpostgraduateschoollibrary; fedlink
- Language
- English
- Rights
- This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
This thesis presents a method for inferring the presence of a reverse proxy server using packet timing analysis from the vantage point of a client system. This method can determine whether Internet users are receiving web content from the actual source or from some potentially spoofed proxy device; leading to better risk assessment and understanding of the cyber terrain. By using only the measurement and comparison of three-way handshake and content request/delivery packet round trip times, we identify an accurate classifier that detects the presence of a reverse proxy server with over 98% accuracy. This is an improvement over other inference methods because all measurements can be done from an external client machine. A secondary yet significant contribution is the robust data set that was produced as a result of this research. We have collected a set of over 6 million data points from a known set of 30 globally dispersed machines, which was instrumental in our research efforts and will be used for further studies and exploration.
- Addeddate
- 2019-05-04 07:05:42
- Advisor
-
Xie, Geoffrey
Beverly, Robert
- Degree_discipline
- Computer Science
- Degree_grantor
- Naval Postgraduate School
- Degree_level
- Masters
- Degree_name
- Master of Science in Computer Science
- Department
- Computer Science
- Distributionstatement
- Approved for public release; distribution is unlimited.
- Dspace_note
- Note, the Item of Record as published can be found at https://hdl.handle.net/10945/45803.
- External-identifier
- urn:handle:10945/45803
- Foldoutcount
- 0
- Identifier
- inferringpresenc1094545803
- Identifier-ark
- ark:/13960/t61626j7m
- Item_source
- dspace
- Ocr
- tesseract 5.0.0-rc2-1-gf788
- Ocr_detected_lang
- en
- Ocr_detected_lang_conf
- 1.0000
- Ocr_detected_script
- Latin
- Ocr_detected_script_conf
- 0.9493
- Ocr_module_version
- 0.0.14
- Ocr_parameters
- -l eng
- Orig_md5
- 1ea7bf1647d02791e21532d4659bd2e4
- Page_number_confidence
- 72.31
- Pages
- 67
- Ppi
- 300
- Recognition
-
Outstanding Thesis
Outstanding Thesis
- Scanner
- Internet Archive Python library 1.8.1
- Service
- Major, United States Army
- Type
- Thesis
comment
Reviews
There are no reviews yet. Be the first one to
write a review.